Hello!
Miniwebsvr 0.0.6 suffers from a directory traversal flaw.
"Exploit" :
http://yoursite/..%00
Attack vector seems limited as you're only able to list one level down.
Cheers,
Daniel Nystrom, [email protected]
Fredrik Wessberg, [email protected]